How to Prevent Insider Threat Data Breaches in 2018: The Top Experts Speak

Lee Barrett has been Executive Director of The Electronic Healthcare Network Accreditation Commission (EHNAC) since its inception in 1993. A member of the HHS Cybersecurity Task Group and Chair of the National Trust Network Data Sharing and Cybersecurity Task Group, Barrett continues to work on key HIT industry initiatives that lay the foundation for health information technology.

Top Initiatives to take in 2018 to prevent insider threat data breaches:

Today’s cyber criminal has evolved into a dangerous entity and presents a threat not just from external forces, but internally as well. As a result, organizations need to, at a minimum, conduct an annual risk assessment and asset inventory of their organization and map the data flow within their enterprise, especially for Protected Health Information (PHI), in order to determine their risk in the event of a breach or cyber attack. Vulnerabilities and gaps identified as part of the risk assessment should be mitigated, and there should be ongoing monitoring and remediation as organizations continually monitor their environments.

Security frameworks and risk sharing need to be integrated into an organization’s infrastructure by implementing risk-mitigation strategies and preparedness planning, as well as adhering to the regulations created by the Office of the National Coordinator for Health IT (ONC), Office for Civil Rights (OCR) and the National Institute for Standards and Technology (NIST), which focus on cybersecurity and ransomware.

BYOD protocols must be evaluated within security frameworks, as they present a significant set of data security challenges. Cyber criminals can strike when employees, through their cell phones or tablets, connect into an informatics or data exchange – unintentionally or intentionally – infecting the enterprise infrastructure with malware.

Ensure that all enterprise software and firmware implement all version releases and updates as soon as they are made available to an organization.

Organizations should also consider working with a third-party reviewer, as they offer an extra level of independent scrutiny for risk management plans and procedures. Independent, third-party audits are also a common way that breaches are discovered, allowing fixes to be deployed more quickly. Additionally, organizations should ensure that they are performing regular intrusion, penetration and phishing testing of their environment, performing this function either internally or by contracting with a third party that provides these services.